Stop, step back, take a minute, slow down

Think about it

There’s an old comment; “A Lie Can Travel Halfway Around the World While the Truth Is Putting On Its Shoes”. This came from a pre-internet world. Today a lie can travel around the world in seconds.

Personal annecdote

Last year I broke the MBR on every hard disk on my home server. I was panicing. I really didn’t want to rebuild and restore from backup, and then re-rip all my DVDs; such a time sink! So I stopped; stepped away from the keyboard; got a (decaf) coffee. Took the time to think.

By taking a minute, slowing down, I was able to think about the problem and come to a solution that saved me a tonne of time and effort (and, effectively, zero downtime except for one reboot).

Real world incidents

An incident happens; in American it’s probably a shooting. It could have been the Christmas truck incident in Germany. Or Benghazi. Or 9/11. Immediately twitter and facebook are aflame with theories and stories. But we don’t actually know what’s happening; the facts are still being investigated. Stop; step back, take a minute, slow down. Wait a few days and see what the investigation reports. The truth probably isn’t what you read on social media.

There’s even an infographic…

break-news

Infosec stories

Last week the Grauniad wrote an article about how the world’s leading secure communication app, WhatsApp, had a security backdoor The security world went mad, with claims, counter-claims, rhetoric, demands to opensource the software, or use the Signal software.

Stop; step back, take a minute, slow down.

The “day two” story shows that this isn’t a backdoor (which has a specific meaning). It’s a compromise between usability and security. Was it the right compromise? Maybe not. But it’s not a backdoor. The world isn’t ending, the WhatsApp servers can’t read your stuff, the FBI can’t get a warrant to read your messages.

Corporate environments

Your company has just been breached (it will happen). You’ve done a thorough incident response and decided “XYZ technology wasn’t good enough”. Perhaps it was that an SA’s laptop got infected with a key logger (AntiVirus software wasn’t good enough), or a web site leaked credentials (inadequate scanning).

A common response is “XYZ wasn’t good enough; let’s replace it with ABC”.

Stop; step back, take a minute, slow down.

The “day two” story is that what you’ve got is probably as good as what you’re proposing. ABC may have detected this issue, but it may not detect another issue that XYZ has been protecting you from. The problem may actually lay elsewhere (an underlying assumption that you’d repeat with the new technology).

Conclusion

It’s easy to fall into the Politician’s syllogism

  1. We must do something
  2. This is something
  3. Therefore, we must do this.

Whether this is in response to an external event (shooting, bombing), or an internal issue (something broke) or even a personal issue (argument with your Significant Other), there’s a rush to try and fix things.

Stop; step back, take a minute, slow down.

Make sure you’ve got the correct information and the right analysis; the situation may not be what you think it is. By stepping back and taking that extra time you might save yourself a lot of time and effort and avoid replacing a working system with one with new and different oddities.